{"id":304,"date":"2025-07-31T10:06:27","date_gmt":"2025-07-31T02:06:27","guid":{"rendered":"https:\/\/lib.kimsor.top\/?p=304"},"modified":"2025-08-01T10:55:10","modified_gmt":"2025-08-01T02:55:10","slug":"docker%e5%ae%89%e8%a3%85elasticsearch%ef%bc%8ckibana","status":"publish","type":"post","link":"https:\/\/lib.kimsor.top\/?p=304","title":{"rendered":"Docker\u5b89\u88c5Elasticsearch,Kibana,Logstash"},"content":{"rendered":"\n<p><strong>1\u3001\u5b89\u88c5Docker<\/strong><\/p>\n\n\n\n<p>\u8fd9\u4e00\u6b65\u53ef\u53c2\u8003<a href=\"https:\/\/lib.kimsor.top\/?p=264\">https:\/\/lib.kimsor.top\/?p=264<\/a>\u8fd9\u7bc7\u6587\u7ae0<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>2\u3001\u521b\u5efakibana\u548cES\u7684docker\u4e13\u7528\u7f51\u7edc<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker network create es-net<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>3\u3001\u5b89\u88c5ES<\/strong><\/p>\n\n\n\n<p>\u8fd9\u91cc\u6211\u4f7f\u7528\u7684\u662f7.17.27\u7248\u672c\uff0c\u5982\u679c\u9700\u8981\u5176\u4ed6\u7248\u672c\u53ef\u524d\u5f80dockerhub\u67e5\u770b<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker pull elasticsearch:7.17.27<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u8fd0\u884cES\u5bb9\u5668<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker run -p 9200:9200 -p 9300:9300 -e \"discovery.type=single-node\" -e ES_JAVA_OPTS=\"-Xms512m -Xmx512m\" -d --name elastic --network es-net &#91;\u955c\u50cf\u54c8\u5e0c]<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u68c0\u6d4b\u662f\u5426\u6709\u8fd4\u56de\u7ed3\u679c\u4ee3\u8868\u6210\u529f<\/p>\n\n\n\n<p>curl http:\/\/localhost:9200\/_cluster\/health?pretty<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>4\u3001\u5b89\u88c5Kibana<\/strong><\/p>\n\n\n\n<p>\u5b89\u88c5Kibana\u8981\u6ce8\u610f\u548ces\u7248\u672c\u4e00\u81f4<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker pull kibana:7.17.27<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u8fd0\u884cKibana\u5bb9\u5668<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker run --name kibana --network es-net -p 5601:5601 -e ELASTICSEARCH_HOSTS=http:\/\/elastic:9200 -d &#91;\u955c\u50cf\u54c8\u5e0c]<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u8bbf\u95ee5601\u7aef\u53e3\uff0c\u6709ui\u754c\u9762\u5373\u53ef<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"491\" src=\"https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-28-1024x491.png\" alt=\"\" class=\"wp-image-307\" srcset=\"https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-28-1024x491.png 1024w, https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-28-300x144.png 300w, https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-28-768x368.png 768w, https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-28-1536x737.png 1536w, https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-28.png 1901w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>5\u3001\u5b89\u88c5Logstash<\/strong><\/p>\n\n\n\n<p>\u5b89\u88c5\u548ces\u548ckibana\u7248\u672c\u4e00\u81f4<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker pull logstash:7.17.27<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u521b\u5efalogstash.conf\u5e76\u5199\u5165<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim logstash.conf\n\n\nconf\u5185\u5bb9\uff1a\n\ninput {\n  file {\n    path => \"\/usr\/share\/logstash\/logs\/test.log\"\n    start_position => \"beginning\"\n    sincedb_path => \"\/dev\/null\"\n  }\n}\n\nfilter {\n  grok {\n    match => { \"message\" => \"%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level}\\s+%{GREEDYDATA:msg}\" }\n  }\n  date {\n    match => &#91;\"timestamp\", \"yyyy-MM-dd HH:mm:ss\"]\n    target => \"@timestamp\"\n  }\n  mutate {\n    remove_field => &#91;\"timestamp\"]\n  }\n}\noutput {\n  elasticsearch {\n    hosts => &#91;\"http:\/\/172.18.0.2:9200\"]\n    index => \"logs-%{+YYYY.MM.dd}\"\n  }\n  stdout { codec => rubydebug }  # \u53ef\u9009\uff1a\u8c03\u8bd5\u8f93\u51fa\n}<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>\u521b\u5efalogstash.yml\u5e76\u5199\u5165<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim logstash.yml\n\n\u5185\u5bb9\uff1a\n\nxpack.monitoring.enabled: false\n<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u8fd0\u884clogstash<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker run -p 5044:5044 -p 5000:5000 -v &#91;logstash.conf\u7edd\u5bf9\u8def\u5f84]:\/usr\/share\/logstash\/pipeline\/logstash.conf -v &#91;logstash.yml\u7edd\u5bf9\u8def\u5f84]:\/usr\/share\/logstash\/config\/logstash.yml --name logstash --network es-net -d &#91;\u955c\u50cf\u54c8\u5e0c]\n<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u8fd0\u884c\u6210\u529f\u540e\u8fdb\u5165\u5bb9\u5668\u521b\u5efalogs\u76ee\u5f55\uff0c\u56e0\u4e3a\u6211\u4eec\u5728\u914d\u7f6e\u6587\u4ef6\u91cc\u9762\u4f7f\u7528\u7684\u662ffile<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"484\" height=\"208\" src=\"https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-29.png\" alt=\"\" class=\"wp-image-311\" srcset=\"https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-29.png 484w, https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-29-300x129.png 300w\" sizes=\"auto, (max-width: 484px) 100vw, 484px\" \/><\/figure>\n\n\n\n<p>\u8fdb\u5165\u5bb9\u5668<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker exec -it &#91;logstash\u5bb9\u5668\u54c8\u5e0c] \/bin\/bash<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u5728\u4ee5\u4e0b\u76ee\u5f55\u6dfb\u52a0logs<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"42\" src=\"https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-30-1024x42.png\" alt=\"\" class=\"wp-image-312\" srcset=\"https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-30-1024x42.png 1024w, https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-30-300x12.png 300w, https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-30-768x32.png 768w, https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-30.png 1193w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<pre class=\"wp-block-code\"><code>mkdir logs<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u8fdb\u5165logs\u6dfb\u52a0test.log\u6587\u4ef6\u6d4b\u8bd5<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>mkdir logs\ncd logs\ntouch test.log\ncat > test.log &lt;&lt; EOF\n2025-07-31 10:00:00 INFO    User login succeeded\n2025-07-31 10:05:00 ERROR   File access denied\nEOF<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<p>\u6dfb\u52a0\u4e4b\u540e\u53ef\u5728Kibana\u7684\u7d22\u5f15\u5904\u67e5\u770b\u662f\u5426\u6709\u7d22\u5f15\u5373\u53ef<\/p>\n\n\n\n<figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"258\" height=\"294\" src=\"https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-31.png\" alt=\"\" class=\"wp-image-314\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"217\" height=\"222\" src=\"https:\/\/lib.kimsor.top\/wp-content\/uploads\/2025\/07\/image-32.png\" alt=\"\" class=\"wp-image-315\"\/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>1\u3001\u5b89\u88c5Docker \u8fd9\u4e00\u6b65\u53ef\u53c2\u8003https:\/\/lib.kimsor.top\/?p=264\u8fd9\u7bc7\u6587\u7ae0 2\u3001\u521b\u5efa [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,5],"tags":[],"class_list":["post-304","post","type-post","status-publish","format-standard","hentry","category-elasticsearch","category-5"],"_links":{"self":[{"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=\/wp\/v2\/posts\/304","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=304"}],"version-history":[{"count":7,"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=\/wp\/v2\/posts\/304\/revisions"}],"predecessor-version":[{"id":316,"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=\/wp\/v2\/posts\/304\/revisions\/316"}],"wp:attachment":[{"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=304"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=304"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lib.kimsor.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=304"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}